[Auto-Sync] Atualização das configurações em srvproxy001.itguys.com.br - 2025-10-03 09:34:37

nginx/modsecurity/global-exceptions.conf

@@ -11,12 +11,6 @@
 SecRule REQUEST_URI "@beginsWith /remote.php" "id:10001,phase:1,nolog,pass,ctl:ruleEngine=Off"
 SecRule REQUEST_URI "@streq /.well-known/caldav" "id:10002,phase:1,nolog,pass,ctl:ruleEngine=Off"
 SecRule REQUEST_URI "@streq /.well-known/carddav" "id:10003,phase:1,nolog,pass,ctl:ruleEngine=Off"
-SecRule REQUEST_URI "@beginsWith /ocs/v2.php/apps/user_status/api/v1/heartbeat" \
-    "id:1001,phase:2,pass,nolog,ctl:ruleRemoveById=942100,msg:'TUNING: Falso-positivo de SQLi (942100) removido para a API de heartbeat'"
-SecRule REQUEST_URI "@beginsWith /ocs/v2.php/apps/user_status/api/v1/heartbeat" \
-    "id:1001,phase:2,pass,nolog,ctl:ruleRemoveById=920350,msg:'TUNING: Falso-positivo (920350) removido para a API de heartbeat'"
-SecRule REQUEST_URI "@beginsWith /apps/files/api/v1/config/sort_favorites_first" \
-    "id:1002,phase:2,pass,nolog,ctl:ruleRemoveById=920420,msg:'TUNING: Falso-positivo de decodificacao (920420) removido para a API de config'"
 # --------------------------------------------------------------------------
 # Exceções para o Zabbix
 # --------------------------------------------------------------------------
@@ -97,3 +91,10 @@ SecRule REQUEST_URI "@beginsWith /ocs/v2.php/apps/external/api/v1/sites" "id:100
 # Exceção para os ícones da app "sites externos". Bloqueava requisições DELETE.
 SecRule REQUEST_URI "@beginsWith /apps/external/icons" "id:10018,phase:1,pass,nolog,ctl:ruleEngine=Off"
 # ==========================================================================================
+SecRule REQUEST_URI "@rx ^/(ocs/v2\.php/apps/user_status/api/v1/heartbeat|apps/files/api/v1/config/(sort_favorites_first|show_hidden|grid_view|folder_tree|sort_folders_first|crop_image_previews))" \
+    "id:10022, \
+    phase:1, \
+    pass, \
+    nolog, \
+    ctl:ruleEngine=Off, \
+    msg:'TUNING: ModSecurity desativado para APIs de configuracao de UI do Nextcloud'"